• Resolved sagency

    (@sdagency)


    Recently both my sites that use this plugin are showing the page is not secure and that I don’t have cookies enabled. It locks me out after one try of entering in my stored password.

    I do use the custom login page name feature.

    Thanks. Very aggravating not being able to get into my sites.

Viewing 13 replies - 1 through 13 (of 13 total)
  • Plugin Contributor wpsolutions

    (@wpsolutions)

    Hi @sdagency,
    Have you tried using one of the alternative features in the brute force menu (ie, cookie based brute force feature)?
    Sometimes there could be specific things unique to a site which may clash with some features.

    I recommend that you check if there is a plugin and/or theme conflict which may be causing the issue you are seeing.

    • This reply was modified 9 years, 4 months ago by wpsolutions.
    Thread Starter sagency

    (@sdagency)

    The problem is I can’t get into the site to do this. I’m locked out of my own site.

    Plugin Contributor wpsolutions

    (@wpsolutions)

    You can easily temporarily deactivate the aiowps plugin by logging into your server using FTP or cpanel and renaming this plugin’s folder from “all-in-one-wp-security-and-firewall” to “temp-all-in-one-wp-security-and-firewall”.

    You should then be able to log in and once logged in simply rename the folder back to original name.

    Thread Starter sagency

    (@sdagency)

    Thanks wpsolutions. When I rename the folder and login it won’t let me access the admin, only the public site. Keeps redirecting to the public homepage.

    Plugin Contributor wpsolutions

    (@wpsolutions)

    Edit your .htaccess file and delete all the code between and including the following tags:
    # BEGIN All In One WP Security
    # END All In One WP Security

    Thread Starter sagency

    (@sdagency)

    I got back in but can’t find the conflict. The site only gives me two attempts to login or it locks out my IP. What’s odd is I have 4 attempts before lockout specified in AIOWPS settings.

    Another odd thing I am noticing is the CAPTCHA math problem is always the same on the customized login page.

    I don’t have cookie brute force enabled so no conflict there.

    Any ideas? Thanks.

    Plugin Contributor wpsolutions

    (@wpsolutions)

    The site only gives me two attempts to login or it locks out my IP

    When you are locked out after those 2 attempts, what is the exact wording of the error message?

    Another odd thing I am noticing is the CAPTCHA math problem is always the same on the customized login page

    Does your hosting provider do page caching? (eg, wpengine does this)
    If so, you will need to tell them to specifically not cache your login page.

    Thread Starter sagency

    (@sdagency)

    So when I go to the custom login page it says I don’t have cookie enabled.

    I do have cookies enabled.

    The first attempt logging in usually fails. Sometimes it says “ERROR: Invalid login credentials.”

    Then I just let Firefox fill in my user/password again (not typing anything) and enter and I can get in.

    I did disable the W3 Super Cache plugin and now my bookmarked login pag does show a different CAPTCHA question. So that part is solved but not the cookies issue and two attempts to login.

    Thanks.

    Thread Starter sagency

    (@sdagency)

    OK, got locked out again despite whitelisting my IP and disabling caching plugin.

    Here is the message:

    ERROR: Access from your IP address has been blocked for security reasons. Please contact the administrator.

    Plugin Contributor wpsolutions

    (@wpsolutions)

    Ok that message indicates to me that the login lockdown feature had blocked you.
    The existing “whitelist” feature in the brute force menu will not prevent you from being locked out because that whitelist feature is not designed for that – it is purely meant to block all IP addresses from accessing your login page except the whitelisted IP addresses. (I recommend you leave the whitelist feature disabled if your IP address changes constantly)

    I have recently implemented a new whitelist capability for the login lockdown feature. This will allow you to prevent certain IP addresses from getting locked out by the login lockdown feature. (this functionality should be available in the next release but if you want me to give you a beta version zip file please contact me using my website contact form)

    • This reply was modified 9 years, 4 months ago by wpsolutions.
    • This reply was modified 9 years, 4 months ago by wpsolutions.
    Thread Starter sagency

    (@sdagency)

    Thanks. I can wait for the official release probably.

    The other message I’m getting today after the first login attempt fails is:

    ERROR: Invalid login credentials.

    Thread Starter sagency

    (@sdagency)

    Interesting update.

    I went back into my Firefox stored passwords and noticed I had 2, maybe 3 entries for my site. They all had the same username, same password. I can verify that because the “last used date” was the same for each instance. When I removed all of them and stored only one instance I am now not experiencing any login issues. Odd. Not sure if that could be related.

    Will report back if this changes.

    Thread Starter sagency

    (@sdagency)

    Login problems are back.

    Now on the first login attempt after it processes it says cookies aren’t enabled. If I hit refresh without typing in the username and password again it logs me in. Very odd. Back to square one.

Viewing 13 replies - 1 through 13 (of 13 total)

The topic ‘Connection Not Secure – Cookies Not Enabled’ is closed to new replies.